earth_america
user_standard Log on
action_search_stroke
earth_america
Log on to rate and give feedback 1 2 3 4 5 Log on to rate
0
How to

How to


Products: AS-B, Edge Server, Enterprise Central, Enterprise Server, AS-P, Virtual Project Servers, WebStation
Functionalities: Security
Product version: 2023, 2024
8/29/2024

Configuring Security in WebStation using WorkStation

You can configure the security for WebStation using WorkStation.

Show More
action_close

For security reasons, the default configuration for WebStation is, for example, not to allow external content to be embedded.

The default configuration can be changed in the Security Settings in WorkStation or in the System Security tab in the Options menu.

Enable external websites to be embedded into WebStation

You can enable external websites to be displayed in WebStation. By selecting this option any website can be embedded.

Enabling external websites to be embedded into WebStation lowers the security significantly. Do not enable external websites to be embedded into WebStation if you do not understand the security implications. For more information, see HTML Utilities .

Lists external websites that are allowed to be embedded into WebStation

You can create a list of websites that are allowed to be embedded into WebStation. The list is a whitelist of allowed external websites.

Enabling external websites to be embedded into WebStation lowers the security significantly. Do not enable external websites to be embedded into WebStation if you do not understand the security implications. For more information, see HTML Utilities .

Enable WebStation to be embedded in another website

You can enable WebStation to be embedded in other sites.

Website to allow access to WebStation when embedded

You can create a list of websites that are allowed to access WebStation when WebStation is embedded in the website.

Type a list of websites that are allowed to access WebStation when WebStation is embedded in the website.

Enable WebStation to use unsafe string evaluated JavaScript methods

Enable the graphic viewer in WebStation to use unsafe string evaluated JavaScript methods like ‘eval’.

Select if you have graphics written in older versions of EBO that cannot be displayed in 3.0 or later. For more information, see Cannot Open Graphics in WebStation .

Enable HSTS pre-load list

HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information.

HSTS pre-load list max-age

HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information.

Content Security Policy Report Uri

Content Security Policy is a security feature that allows you to take control of the resources your website is permitted to load and the actions it is allowed to take.

Type the name of the endpoint that the browser should use for reporting Content Security Policy violations.

To configuring Security in WebStation using WorkStation
  1. In WorkStation, in the System Tree pane, select the EcoStruxure BMS server you want to configure.

  2. Click the Control Panel tab.

  3. Click Security Settings

  4. Configure the security settings.

    Property

    Description

    Enable external websites to be embedded into WebStation

    Select if you want external content to be embedded in WebStation. For more information, see Security Configuration in WebStation .

    Lists external websites that are allowed to be embedded into WebStation

    This setting is for internal R&D use only. The setting does not affect WebStation.

    Enable WebStation to be embedded into another site

    Select if you want WebStation to be embedded in another web site. For more information, see Security Configuration in WebStation .

    Website to allow access to WebStation when embedded

    This setting is for internal R&D use only. The setting does not affect WebStation.

    Enable WebStation to use unsafe string evaluated JavaScript methods

    Select if you have graphics written in older versions of EBO that cannot be displayed in 3.0 or later. For more information, see Cannot Open Graphics in WebStation .

    Enable HSTS pre-load list

    HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information.

    HSTS pre-load list max-age

    HSTS is a preload list supported by Google. It requires a valid certificate on the server. Refer to Google HSTS documentation for more information.

  5. Click the Save button

     
    action_zoom_plus_stroke
    .

  • Security Configuration in WebStation
  • Configuring Security in WebStation using WebStation
  • Security Settings – Control Panel